struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: [OT] Session ID in the URL
Date Thu, 16 Jun 2005 16:17:49 GMT
On 16/06/05 17:13&nbsp;Adam Hardy wrote:

> 
> It seems to be hard-coded behaviour that you can't do anything about 
> unless you want to write some javascript to check the URL and put a 
> token in the query string for the next request.

Stupid me.

Even quicker would be to check if you have the first request that 
establishes the session, and then put some token in the form or 
querystring, to mimic the JSESSIONID. Then you can just check for your 
token.

I'm just thinking what the test would be to check if it's the first 
request.

getRequestedSessionId == null?


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message